IETF Logo Mail Archive

Re: #290: Motivate one-year limit for Expires

Mark Nottingham <mnot@mnot.net> Sun, 24 July 2011 17:55 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86FA321F8AEA for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 24 Jul 2011 10:55:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZhPCSlwndpKC for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 24 Jul 2011 10:55:55 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 930AB21F8AE6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 24 Jul 2011 10:55:52 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Ql2ty-00035k-O9 for ietf-http-wg-dist@listhub.w3.org; Sun, 24 Jul 2011 17:55:42 +0000
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <mnot@mnot.net>) id 1Ql2tr-00034u-Ru for ietf-http-wg@listhub.w3.org; Sun, 24 Jul 2011 17:55:35 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1Ql2tq-0005lx-1W for ietf-http-wg@w3.org; Sun, 24 Jul 2011 17:55:35 +0000
Received: from dhcp-1790.meeting.ietf.org (unknown [130.129.23.144]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 8ADCE22E1EB; Sun, 24 Jul 2011 13:55:12 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <20110724175303.GU22405@1wt.eu>
Date: Sun, 24 Jul 2011 13:55:11 -0400
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <6F86A490-84EA-4CD3-925D-BD39A23E79FE@mnot.net>
References: <891657B9-2F11-43D6-A9A0-4C6663DAC127@mnot.net> <20110724175303.GU22405@1wt.eu>
To: Willy Tarreau <w@1wt.eu>
X-Mailer: Apple Mail (2.1084)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-1.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1Ql2tq-0005lx-1W 620d137166a5c3081418ca3b258b62b2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #290: Motivate one-year limit for Expires
Archived-At: <http://www.w3.org/mid/6F86A490-84EA-4CD3-925D-BD39A23E79FE@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/11049
X-Loop: ietf-http-wg@w3.org
Sender: ietf-http-wg-request@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1Ql2ty-00035k-O9@frink.w3.org>
Resent-Date: Sun, 24 Jul 2011 17:55:42 +0000

On 24/07/2011, at 1:53 PM, Willy Tarreau wrote:

> Hi Mark,
> 
> On Sun, Jul 24, 2011 at 01:46:27PM -0400, Mark Nottingham wrote:
>> <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/290>
>> 
>> In p6 3.3,
>> 
>> A server SHOULD NOT send Expires dates more than one year in the future.
>> 
>> I did some asking around, and it seems like the idea behind this was that an Expires so far in the future was felt to be more often the sign of bad clocks or administrator error than an intention for such a long TTL (considering that pretty much any eviction algorithm would get rid of it far beforehand).
>> 
>> So, I propose we remove the requirement and replace it with something like:
>> 
>> """
>> Historically, HTTP required the Expires field-value to be no more than a year in the future. While longer freshness lifetimes are no longer prohibited, extremely large values have been demonstrated to cause problems (e.g., clock overflows), and senders ought not produce them.
>> """
> 
> But if more than one year is often the cause of a config error or bad clock,
> shouldn't we suggest that destinations ignore the large value instead ?


Why should they ignore if they don't have the problem?

Besides which, this would be introducing a requirement that makes several previously conformant implementations non-conformant. 

--
Mark Nottingham   http://www.mnot.net/

v2.23.0 | Report a Bug | By Email